-
On November 7th, security researchers discovered a dangerous malicious npm package called “@acitons/artifact” that had already been downloaded more than 206,000 times. The package was designed to look like the legitimate “@actions/artifact” package used by developers building tools with GitHub Actions. This was a classic typosquatting attack where the attackers swapped the letters to make […] The post Malicious npm Package with 206k Downloads Attacking GitHub-Owned Repositories to Exfiltrate Tokens appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA has issued a critical security update addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute malicious code and escalate privileges on affected systems. The vulnerabilities, tracked as CVE-2025-23361 and CVE-2025-33178, both carry a CVSS score of 7.8 and affect all versions of the NeMo Framework before version 2.5.0 across […] The post NVIDIA NeMo Framework Vulnerabilities Allows Code Injection and Privilege Escalation appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The SmartApeSG campaign, also known as ZPHP or HANEY MANEY, continues to evolve its attack methods to compromise Windows systems with malicious remote access tools. First reported in June 2024, this campaign has shifted from using fake browser update pages to deploying sophisticated ClickFix-style techniques. The new approach tricks users into thinking they need to […] The post SmartApeSG Campaign Leverages ClickFix Technique to Deploy NetSupport RAT appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been identified in the Cisco Catalyst Center Virtual Appliance that could enable authenticated, remote attackers to escalate their privileges to Administrator on affected systems. This vulnerability CVE-2025-20341 …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has disclosed critical security vulnerabilities affecting Cisco Unified Contact Center Express (Unified CCX) that could enable unauthenticated, remote attackers to execute arbitrary commands, escalate privileges to root, and bypass authentication…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Elastic Security Labs has uncovered a sophisticated campaign deploying a newly identified loader, dubbed RONINGLOADER, that weaponizes legitimately signed kernel drivers to systematically disable Microsoft Defender and evade endpoint detection and resp…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a critical vulnerability in Cursor, the AI-powered code editor, that allows attackers to inject malicious code through rogue Model Context Protocol (MCP) servers. Unlike VS Code, Cursor lacks integrity checks on its …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA has released critical security patches addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute arbitrary code and escalate privileges on affected systems. The vulnerabilities affect all versions o…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals are deploying sophisticated phishing campaigns that weaponize seemingly legitimate invoice emails to distribute Backdoor.XWorm is a dangerous remote-access trojan (RAT) capable of stealing sensitive credentials, recording keystrokes, and…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Jamf Threat Labs has identified a new family of malicious stealers tracked as DigitStealer, representing a significant evolution in macOS-targeted malware. Unlike traditional infostealers that follow linear execution paths, DigitStealer introduced soph…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
